The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective.
I am the owner but got "The operation is not allowed by RBAC. If role assignments were recently changed, please wait several minutes for role assignments to become effective. " when trying to create a certificate
Accessing Azure Key Vault by using x509 certificate authentication
Hi there, may i know if there is a way to use x509 certificate as authentication to access Azure Key Vault ?
Access policies for Keyvaults decommission
Hello, I'm having a question relating Access policies. Is it planned into some Azure plan to decommission Access policies for Keyvaults ? If yes could you tell/give the dead lines and official communication pages ? Thanks, JR
"Failed to create the secret" error in Azure Front Door
Hello, currently I'm trying to assign my storage account's static website an Azure Front Door instance with a custom URL. This way, when someone accesses the custom domain associated with the front door instance, they'll access my static website. I've…
Is there a simple example of how to connect my MVC Web App to Azure KeyVault and extract my connect string?
I am using DotNet Core 8.0 and trying to use KeyVault from a non-Azure hosted WebApp. I am trying to use secrets for my database connect strings. Is there a simple example of how to connect my MVC Web App to Azure KeyVault and extract my connect…
Access to Azure Keyvault inside Azure Container Instance WebApi
I would like to retrive the keyvault secrets using managed identity in web Api. Creates Web APi with DefaultAzureCredential Able to retrive the data using aboe code. Built image and pushed into Azure container registry Created azure container…
How to set expiry date for all the azure key vault secrets ?
Hi Team, I want to set expiry for all the secrets under one azure key vault. After searching many articles I found this : "az keyvault secret set-attributes --vault-name 'your-keyvault-name' --name 'your-secret-name' --expires…
How to connect event grid with self-signed certificates
Hello everyone, I am trying to communicate with a Schneider PLC through Event Grid with an MQTT broker using self-signed certificates from Key Vault. I have uploaded certificates generated by Key Vault in .pem and .cer formats, but I receive an error:…
Insufficient Permissions for Import Certificate into Key Vault
I am an external user for one of my client accounts. I have owner permissions. I am trying to import a certificate into a key vault. The key vault has the Vault Access Policy. As the owner, I have full access to this resource. However, when I try to…
Cost Implications of Azure Key Vault with Diagnostic Settings and High Volume of Secrets
Hi, I have a specific use case for Azure Key Vault and need some clarification on cost implications. Here are the details of my scenario: Diagnostic Settings: I aim to enable diagnostic settings for Azure Key Vault and store the logs in Log Analytics.…
Generate dynamic passwords with Azure Key Vault for Postgresql Database running in Azure VM
Hey guys, I have my open source postgresql deployed in Azure VMs. I would like to generate dynamic passwords for the database users using Azure Key Vault. Is it typically possible? If yes, can you please help down with steps or redirect me to right…
Seeking Tools or Scripts for Bulk Operations in Azure Key Vault
Hello, I am looking to utilize Azure Key Vault for storing our organization's secret data. Specifically, I need to perform bulk operations such as creating multiple key vaults, adding multiple secrets, and assigning permissions in an efficient manner. I…
How to secure APIM subscription key when calling APIs from Web Client Application
Hello, What are some secure ways to pass the Azure API Management (APIM) subscription key while calling APIs, without exposing it in the browser network tab? Passing the key inside the header is not ideal as it can be exposed in the network tab. Would…
Effect of MC792991 Disablement of Symmetric keys for Microsoft Entra first-party applications Service Principals
Hello Team, Greetings! This is Joni. Due to the Microsoft post as follows, a partner need to address how this affects to end users' resources and workloads. Disablement of Symmetric keys for Microsoft Entra first-party applications Service Principals…
ManagedIdentityCredential authentication unavailable. Connection to IMDS endpoint cannot be established
We have a locally built a Spring boot sample client application to Access the Azure Key vault services and retrieve the secrets. The Application is built and packaged as WAR file and deployed in the external Tomcat server. We use the User Assigned…
Using key vault to customize the encryption keys at rest for Azure Database PostgreSQL imply any cost on for encrypt/decrypt operations?
Hi, Based on the pricing for Key Vault, encryption/decryption operations via API are charged. My question is, does this also imply cost for PostgreSQL DBaaS using custom encryption keys stored in Azure Key Vault or the cost for encrypting/decrypting…
Getting error while trying to use Python 3.11 in Linux machine.
Getting below error while trying to use Python 3.11 in Linux machine. az keyvault: module 'inspect' has no attribute 'getargspec'
What permissions are required to allow app services to import a certificate from a keyvault that uses RBAC?
I have an azure app service and key vault that is using RBAC. I am unable to get the app service to import a certificate from key vault. I keep getting this error: Failed to import key vault certificate: ... . Error: The service does not have access…
Does azure China's encryption algorithm comply with OSCCA certification of China? For example, key vault
Hi Team, May I ask whether the encryption algorithms designed by Azure China service comply with or are certified by OSCCA algorithms in China? Similar to the documentation given by AWS, do we also meet this Chinese algorithm standard for some similar…
Best Practices for Securely Handling Credentials with Connect-AzAccount in PowerShell while accessing Azure key vault
I'm currently working on a project that involves connecting to Azure services using the Connect-AzAccount cmdlet. While this cmdlet works well for establishing connections, I'm concerned about the security implications of storing credentials on the…